Ticket #367 (closed defect: fixed)
Security: GetFdoCachInfo exposes plain text passwords alongside user Ids
| Reported by: | stevedang | Owned by: | stevedang |
|---|---|---|---|
| Priority: | medium | Milestone: | 2.0 |
| Component: | Server | Version: | 2.0.0 |
| Severity: | major | Keywords: | |
| Cc: | External ID: | 1010319 |
Description
Using the Web Tier test pages the GetFdoCachInfo? page exposes plain test passwords alongside their corresponding user id for database connections. For security reasons we should remove the password from the results.
Change History
Note: See
TracTickets for help on using
tickets.
